PT-2025-3839 · Unknown · Leiyuxi Cy-Fast

Name of the Vulnerable Software and Affected Versions: leiyuxi cy-fast version 1.0 Description: A critical vulnerability exists in the listData function within the /commpara/listData file. Manipulation of the argument order leads to a SQL injection, which can be exploited remotely. The exploit fo...

WordPress plugin MDTF SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

Code-Projects Online Book Shop 注入漏洞

Code-Projects Online Book Shop is a Code-Projects open source online bookstore. An injection vulnerability exists in Code-Projects Online Book Shop version 1.0, which stems from an SQL injection vulnerability in the cat parameter of the /subcat.php page...

CVE-2024-13092

A vulnerability classified as critical was found in code-projects Job Recruitment 1.0. This vulnerability affects unknown code of the file /parse/calljob/searchajax.php of the component Job Post Handler. The manipulation of the argument n leads to sql injection. The attack can be initiated...

WordPress plugin WPLMS SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WPL...

InfotelGLPI tasklists SQL注入漏洞

InfotelGLPI tasklists is an InfotelGLPI plugin for use in GLPI, an open source helpdesk and asset tracking system that provides task management and Kanban functionality. An SQL injection vulnerability exists in InfotelGLPI tasklists versions prior to 2.0.4, which stems from the presence of a blin...

Arctera Data Insight 安全漏洞

Arctera Data Insight is a data management software from Veritas Technologies. A security vulnerability exists in Arctera Data Insight versions prior to 7.1.1. An attacker exploiting this vulnerability could perform a SQL injection attack...

CVE-2024-12936

A vulnerability, which was classified as critical, has been found in code-projects Simple Admin Panel 1.0. This issue affects some unknown processing of the file catDeleteController.php. The manipulation of the argument record leads to sql injection. The attack may be initiated remotely. The...

CVE-2024-12935

A vulnerability classified as critical was found in code-projects Simple Admin Panel 1.0. This vulnerability affects unknown code of the file editItemForm.php. The manipulation of the argument record leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to t...

PT-2024-17809 · Code Projects · Code-Projects Job Recruitment

Name of the Vulnerable Software and Affected Versions: code-projects Job Recruitment version 1.0 Description: A critical issue affects the add edu function of the file / parse/ all edits.php. The manipulation of the degree argument leads to SQL injection. The attack may be initiated remotely. Oth...

1000 Projects Daily College Class Work Report Book 注入漏洞

1000 Projects Daily College Class Work Report Book is an open source college class work report book by 1000 Projects. An injection vulnerability exists in version 1.0 of 1000 Projects Daily College Class Work Report Book, which stems from the user parameter in the /login.php file that can cause S...

CodeAstro House Rental Management System 注入漏洞

CodeAstro House Rental Management System is a house rental management system from CodeAstro. An injection vulnerability exists in CodeAstro House Rental Management System version 1.0, which stems from an incorrect manipulation of the parameter u/p that can lead to SQL injection...

PT-2024-17411 · WordPress · Advanced Floating Content

Name of the Vulnerable Software and Affected Versions: Advanced Floating Content plugin for WordPress versions up to, and including, 3.8.2 Description: The issue arises from insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query in the...

PT-2024-17778 · Unknown · Code-Projects Online Exam Mastering System

Name of the Vulnerable Software and Affected Versions: code-projects Online Exam Mastering System version 1.0 Description: A critical issue has been found in the system, affecting an unknown function of the file /account.php?q=quiz&step=2. The manipulation of the eid argument leads to SQL...

CVE-2024-56047

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3...

WordPress plugin Travel Booking SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

PT-2024-36627 · Unknown · Dr Affiliate

Name of the Vulnerable Software and Affected Versions: Dr Affiliate versions 1.2.3 and earlier Description: The issue is related to an SQL Injection vulnerability, which allows attackers to manipulate SQL commands. This is due to the improper neutralization of special elements used in an SQL...

PT-2024-10193 · Amazon · Amazon Redshift Jdbc Driver

Name of the Vulnerable Software and Affected Versions: Amazon Redshift JDBC Driver version 2.1.0.31 Description: A SQL injection issue in the Amazon Redshift JDBC Driver allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. This issue can be...

WordPress plugin LaunchPage.app Importer SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

WordPress plugin Mollie for Contact Form SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A SQL injection...